Hello Kitty Website's Security Leak Is Fixed

Hello Kitty is a character which has spawned toys, theme parks and cartoons

A SECURITY leak which exposed the personal information of 3.3 million Hello Kitty fans has been fixed, the brand’s Japanese owners have said.

Sanrio Co said it had “corrected” a security vulnerability on the SanrioTown.com website, which features the iconic white cat and a host of other characters.

The leak was discovered on Saturday by a security researcher, and an investigation is under way to find out how it occurred.

The Hong Kong-based company said that anyone who knew the internet addresses of “specific vulnerable servers” could have accessed personal information such as names and birth dates.

It said that encrypted passwords were also available, but no credit card details were at risk. No information was stolen.

In a security advisory posted on its website, Sanrio said: “We investigated the problem and applied fixes, including securing the servers identified as vulnerable.”

The site is an online community for Hello Kitty enthusiasts and lets users play games, watch videos and keep up with news on their favourite character.

Almost 200,000 of its members of minors.

It is the second major data breach involving children in the past month.

VTech reported a breach that exposed the personal information of 6.4 million children around the world.

Police in the UK have arrested one man on hacking-related charges in that case. news.sky.com